How a VPN Works?
#infosec #cybersecurity #pentesting #redteam #VPN #networking #networksecurity #infosecurity #cyberattacks #Security #Linux #VPNworks #cybersecurityawareness #httpstatus #bugbounty #bugbountytips #attacks #cyberattack
bypass alert ==> [alert][0].call(this,1)
credit: BBR - Bug Bounty Resources
#bugbounty #bugbountytips #bugbountytips
Sometimes, if you are trying to access an endpoint and get a 403,
try this:
/api/docs/index.html ==> 403 Forbidden
/api/Docs/index.html ==> 200 Ok
I think it's called 'Case Insensitivity Vulnerability'
#bugbountytips #bugbounty #cybersecurity #Pentesting
Network Traffic Analysis Tools
#infosec #cybersecurity #cybersecuritytips #pentesting #redteam #informationsecurity #CyberSec #networking #networksecurity #infosecurity #cyberattacks #security #linux #cybersecurityawareness #bugbounty #bugbountytips
Time based SQL Injection using waybackurls
waybackurls TARGET.COM | grep -E '\bhttps?://\S+?=\S+' | grep -E '\.php|\.asp' | sort -u | sed 's/\(=[^&]*\)/=/g' | tee urls.txt | sort -u -o urls.txt
Continuing the one-liner in another thread
#bugbountytips #bugbounty #ai
XSS Hunting from WaybackURLS
waybackurls target | grep -E '\bhttps?://\S+?=\S+' | grep -E '\.php|\.asp' | sort -u | sed 's/\(=[^&]*\)/=/g' | tee urls-xss.txt | sort -u -o urls-xss.txt && cat urls-xss.txt | kxss
#bugbountytips #bugbounty
Sharing My Study Methodology as a Bug Bounty Hunter. I promised a friend of mine that I'll share my study methodology with them - thought if I'm gonna share it with them, why not make it public.
Link: shreyaschavhan.notion.site/My-Study-Metho…
#BugBounty #bugbountytips #study
Telegram RCE - Fixed
A recent Telegram RCE bug has been fixed, but attackers are still trying to bypass the fix.
Warning: If you receive a picture or video, DO NOT click or download it! It may contain malware.
#Telegram #Cybersecurity #bugbounty
SQL Injection to Account Takeover Manually :)
1. Enter mobile number to login intercept
{'mobile_number':'8888888888'} >> 200
{'mobile_number':'8888888888''} >> 500
{'mobile_number':'8888888888'''} >> 200
credit: BBR - Bug Bounty Resources
#bugbountytips #bugbounty
Security Automation
#infosec #cybersecurity #pentesting #redteam #informationsecurity #CyberSec #networking #networksecurity #infosecurity #cyberattacks #security #oscp #cybersecurityawareness #bugbounty #bugbountytips
First day on a new private program and a very interesting account takeover. This may be a duplicate, but let's hope and see the first reply!
Read comments for a full bug description and how the takeover was made
#BugBounty #bugbountytips